1 Topic by wrdamron

  • wrdamron
  • Member
  • Offline
  • Registered: 2024-08-19
  • Posts: 15

Topic: .well_known?

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I'm really at a loss as to why when I run certbot dry run it fails every time.  I've checked my firewall rules and all seems well.  I ran a test by putting a text file in the /var/www/html/.well-known, but I was not able to view nor download the file it just timed out.  certbot did create the acme directory in the folder however the thing still fails.  I will add part of the log from letsencrypt and hopefully someone can pick up on the issue.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by jackb

  • jackb
  • Member
  • Offline
  • From: Ireland
  • Registered: 2019-05-06
  • Posts: 117

Re: .well_known?

wrdamron wrote:

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I'm really at a loss as to why when I run certbot dry run it fails every time.  I've checked my firewall rules and all seems well.  I ran a test by putting a text file in the /var/www/html/.well-known, but I was not able to view nor download the file it just timed out.  certbot did create the acme directory in the folder however the thing still fails.  I will add part of the log from letsencrypt and hopefully someone can pick up on the issue.

Please post logs

Regards

3 Reply by wrdamron

  • wrdamron
  • Member
  • Offline
  • Registered: 2024-08-19
  • Posts: 15

Re: .well_known?

Well this system is not allowing links which are in the logs, I've been trying to past a small section to here but it just won't let me.  its just a small section and I've changed domain name an ip address yet it still won't let me post.

4 Reply by wrdamron

  • wrdamron
  • Member
  • Offline
  • Registered: 2024-08-19
  • Posts: 15

Re: .well_known?

this is the error
.well-known/acme-challenge/rGgZmWorNBa21FwtZ7GKe634ExXHVPPbpxivd8cHP3E: Timeout during connect (likely firewall problem)

5 Reply by wrdamron

  • wrdamron
  • Member
  • Offline
  • Registered: 2024-08-19
  • Posts: 15

Re: .well_known?

could this be a problem with Nginx?

6 Reply by jackb

  • jackb
  • Member
  • Offline
  • From: Ireland
  • Registered: 2019-05-06
  • Posts: 117

Re: .well_known?

wrdamron wrote:

this is the error
.well-known/acme-challenge/rGgZmWorNBa21FwtZ7GKe634ExXHVPPbpxivd8cHP3E: Timeout during connect (likely firewall problem)

What DNS provider are you using ? do you have a valid A/AAAA Record that matches the hostname of the mail server?

Well known is related to Nginx Server Block. Did you install iRedmail from scratch ?

Are you using certbot certonly --webroot -w /var/www/html -d mail.mydomain.com ?

Regards

7 Reply by wrdamron

  • wrdamron
  • Member
  • Offline
  • Registered: 2024-08-19
  • Posts: 15

Re: .well_known?

Sorry, I was dumb.  I have my https going to a different port than 443 and this is what was the problem.  Everything worked out got the certs and I'm good to go.  Thanks for the quick response.

8 Reply by jackb

  • jackb
  • Member
  • Offline
  • From: Ireland
  • Registered: 2019-05-06
  • Posts: 117

Re: .well_known?

wrdamron wrote:

Sorry, I was dumb.  I have my https going to a different port than 443 and this is what was the problem.  Everything worked out got the certs and I'm good to go.  Thanks for the quick response.

Yep that will cause the problem. Certbot requires a Web Server listening on Port 80/443

Regards